BEST AVAILABLE CO 

Amendments to the Claims; 

This listing of claims will replace all prioi 1 versions, and listings, of claims in the applications: 
Listing of Claims: 

1-56. (Canceled). j 

57. (Currently Amended) A system for maintaining security in a distributed computing 
environment, comprising: 

a policy manager located on a server for managing creating a local security policy and for 
distributing the local security policy to a client wherein the local security policy includes a 
plurality of rules customizabl e customized to the client; and 

an application guard located at the client for managing access to securable components at 
a client level as specified by the local security policy, the securable components including at 
least one application; 

wherein the policy manager receives a global security policy that includes a plurality of 
rules for regulating access to securable cdmponents within the system and where in the policy 
manager customizes the local security policy by selecting a subset of rules from the global 
security policy that is applicable to the application guard and distributes the subset to the 
application guard. , 

58. (Previously Presented) The system of Claim 57 including a function within the 
application as specified by the security policy. 

59. (Withdrawn) The system of Claim 57 including a procedure within the application as 
specified by the security policy. 

60. (Withdrawn) The system of Claim 57 including a data structure within the application as 
specified by the security policy. 



Attorney Docket No.; BEAS-01 453TJS I 2 
M:\JGcrinsgon/BBAS/1453USl /non-compliant rcspon sc.doc 

PAGE 3/8 * RCVD AT 411 112006 2:43:20 PM [Eastern Daylight Time] ' SVR:USPTO-EFXRF-5/8 ' DNIS:2738300 * CSID:415 362 2928 * DURATION (mm-ss):0142 



! BEST AVAILABLE Or 

6 1 . (Withdrawn) The system of Claim 57 including a database obj ect referenced by the 
application as specified by the security policy. 

i 

62. (Withdrawn) The system of Claim 57 including a file system object referenced by the 
application as specified by the security policy. 

63 . (Currently Amended) A method for maintaining security in a distributed computing 
environment, comprising: 

receiving a global security policy that includes a plurality of rules for regulating access to 
securable components in the system, the securable components including at least one application; 

managing creating a local security policy via a policy manager located on a server, the 
local s ecurity policy including a plurality of rules cuotomiza bie customized to a client wherein 
creating the local security policy includes customizing the local security policy bv selecting a 
subset of rules from the global security policy that is app licable to an application guard located 
on the client; 

distributing the local security policy to the client; and 

managing access as specified by the local security policy via an the application guard 
located at the client to securable components including at loaat one application . 

64. (Previously Presented) The method of Claim 63 including a function within the 
application as specified by the security policy. 

65. (Withdrawn) The method of Claim 63 including a procedure within the application as 
specified by the security policy. 

66. (Withdrawn) The method of Claim 63 including a data structure within the application as 
specified by the security policy, 

67. (Withdrawn) The method of Claim 63 including a database object referenced by the 
application as specified by the security policy. 

i 
i 

I 
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68. (Withdrawn) The method of Claim 63 including a file system object referenced by the 
application as specified by the security policy. 

69-71. (Canceled). 

72. (Currently Amended) A method for maintaining security in a distributed computing 
environment, comprising the steps of: 

receiving a global security policy that includes a plurality of rules for regulating access to 
securable components in the system, the securable components including at least one application; 

providing a policy manager located on a server to maaag e create a local security policy 
including a plurality of rules customizable customized to a client wherein creating the local 
security policy includes customizing the local security policy bv selecting a subset of rules from 
the global security policy that is applicable to an application gn arH locate d on the client: 

distributing the local security policy to the client; and 

providing an application guard located at the client to manage access to securable 
components at a client level as specified by the local security polic yHho s e curabl e component s 
including at least one application . 

73 . (Previously Presented) The method of Claim 72 including a function within the 
application as specified by the security policy. 

74. (Withdrawn) The method of Claim 72 including a procedure within the application as 
specified by the security policy. 

75. (Withdrawn) The method of Claim 72 including a data structure within the application as 
specified by the security policy. 

76. (Withdrawn) The method of Claim 72 including a database object referenced by the 
application as specified by the security policy. 
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77. (Withdrawn) The method of Claim 72 including a file system object referenced by the 

i 

application as specified by the security policy. 
78-80. (Canceled). 

81. (Currently Amended) A computer readable storage medium having stored thereon a set 
of instructions to execute a method for maintaining security in a distributed computing 
environment comprising the steps of: , 

receiving a global security policy that includes a plurality of rules for regulating access to 
securable components in the system, the securable components including at least one application; 

managing creating a local security policy via a policy manager located on a server, the 
locaL security policy including a plurality of rules customizabl e customized to a client wherein 
creating the local security policy includes customizing the local security policy by selecting a 
subset of rules from the global security policy that is applicable to an application guard located 
on the client: 

distributing the local security policy to the client; and 

managing access as specified by the local security policy via an the application guard 
located at the client to securable components including at loaot on e application . 

82. (Previously Presented) The computer readable storage medium of Claim 81 including a 
function within the application as specified by the security policy. 

83- (Withdrawn) The computer readable storage medium of Claim 81 including a procedure 
within the application as specified by the security policy. 

84. (Withdrawn) The computer readable storage medium of Claim 8 1 including a data 
structure within the application as specified by the security policy. 

85. (Withdrawn) The computer readable storage medium of Claim 81 including a database 
object referenced by the application as specified by the security policy. 

i 

Attorney Docket No.: BEAS-01453US3 I 5 

M:\JGcring&On/BEAS/l 453 US 1 /non-compliant response.doc 

PAGE 618 * RCVD AT 411 1/2006 2:43:20 PM (Eastern Daylight Time] ' SVR:USPTO-EFXRF-5/8 ' DNIS:2738300 ' CSID:4 15 362 2928 * DURATION (mm-ss):01-52 



BEST AVAILABLE CO 



86. (Withdrawn) The computer readable storage medium of Claim 8 1 including a file system 
object referenced by the application as specified by the security policy. 

87-89. (Canceled). 

90. (Previously Presented) The system of claim 5 7, wherein the application guard further 
allows for additional customized code to process and evaluate authorization requests based on 
the additional customized code. 

9 1 . (Currently Amended) The system of claim 90, further comprising a wherein the global 
policy specifying specifies access privileges of a user to securable components. 

92. (Previously Presented) The method of claim 72, wherein the application guard further 
allows for additional customized code to process and evaluate authorization requests based on 
the additional customized code. 

93. (Currently Amended) The method of claim 92 , furth e r - comprising the step of providing 
a wherein the global policy sp e cifying specifies access privileges of a user to securable 
components. 

94. (Previously Presented) The computer readable storage medium of claim 81, wherein the 
application guard further allows for additional customized code to process and evaluate 
authorization requests based on the additional customized code. 

95. (Currently Amended) The computer readable storage medium of claim 94, wherein the 
B ft Q&od - fu g thor compris e s th e st e p of providing a global policy sp e cifying specifies access 
privileges of a user to securable components. 
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